CVE-2004-0615

Currently unrated

Key Information:

Vendor: D-link
Status: Di-704p; Di-614\+; Di-624
Vendor: CVE Published:; 6 December 2004

Summary

Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request.

References

http://www.securityfocus.com/bid/10587

vdb-entryx_refsource_BID

http://secunia.com/advisories/11919

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/7211

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Dec 6, 2004
Vulnerability Reserved
Jun 29, 2004